Courses

Valid Accounts: Local Accounts
This hands-on lab is designed to provide learners with an understanding of local accounts and their exploitation to further the objectives of an adversary in a cyber operation.

Exfiltration Over Alternative Protocol: Asymmetric Encrypted Non-C2 Protocol
This hands-on lab is designed to provide learners with an understanding of how an adversary can use the Exfiltration Over Alternative Protocol: Asymmetric Encrypted Non-C2 Protocol TTP to further their objectives in a cyber operation.

Application Layer Protocol: Web Protocols
In this hands-on lab, you will practice simulating a command-and-control (C2) beacon and detecting the resulting activity using a SIEM.

Command and Scripting Interpreter: PowerShell
In this hands-on lab, you will learn how the native PowerShell scripting language for Windows can be abused to allow an attacker to execute remote commands, establish persistence, and create autorun files to carry out an attack.

System Binary Proxy Execution: Rundll32
In this hands-on lab, you will learn how a malicious user can obfuscate some of their payload actions by running downloaded DLL files through the built-in rundll32.exe. Using rundll32, an attacker can make their activity look like a normal Windows system binary process.


